1. Field of the Invention
This invention relates to network systems, and particularly to network systems that transmit frames after applying filtering on a network.
2. Background of the Prior Art
Currently, corporate networks are exposed to threats such as unauthorized access. Such threats are not limited to corporate networks: web servers and FTP (File Transfer Protocol) servers that exist on a network and provide information-transfer services are also vulnerable. Networks need to prevent unauthorized access and the destruction of internal data by deploying a firewall, or by setting up a protective mechanism on relay devices such as routers or switches.
Mechanisms that protect against unauthorized access generally use a filtering function. This function ensures security by examining frames sent through the network, determining whether to permit access, and discarding frames for which access is denied. Filtering can also reduce traffic, since unnecessary frames are not relayed.
Until now, filtering methods have configured filtering individually on each device, so the filtering function is effective only on the device on which it was configured. In other words, filtering is performed only on the configured device, and only when a frame arrives there.
Also, on servers such as web servers, filtering is configured through a server application that decides whether access is permitted and discards unnecessary frames when access restrictions apply.
Filtering technology in which devices exchange filtering table information with one another, thereby lightening the network's load, has also been put forward (for example, see Japanese Unexamined Patent Application Publication H11-27270, paragraphs (0008) to (0013), FIG. 1).
As mentioned above, if filtering is configured on a relay device in a network, the filtering is effective only on that device and does not run until a frame to be filtered arrives there. Frames are therefore relayed through the network until they reach that device even when they are frames to be discarded, which causes an excess load.
FIG. 23 shows a sample network that explains the problem with current filtering methods. Note the device connection relationship within Network 200, and how Subnet 51 is connected to Server 80, Computer Terminal 71, and Relay Device 61. Relay Device 61 is connected to Relay Devices 62 and 63. Relay Device 62 is connected to Relay Devices 63 and 64, and Subnet 52, and Subnet 52 is connected to Computer Terminal 72.
Relay Device 63 is connected to Relay Device 65 and Subnet 53, and Subnet 53 is connected to Computer Terminal 73. Relay Device 64 is connected to Subnet 54, and Subnet 54 is connected to Computer Terminal 74. Relay Device 65 is connected to Relay Device 66 and Subnet 55, and Subnet 55 is connected to Computer Terminal 75. Relay Device 66 is connected to Subnet 56, and Subnet 56 is connected to Computer Terminal 76.
Suppose that filtering is set up on Relay Device 63 to filter access to Server 80 from Computer Terminals 73, 75, and 76. In this situation, access from Computer Terminal 75 to Server 80 is relayed by Relay Device 65, and access from Computer Terminal 76 to Server 80 is relayed by Relay Devices 66 and 65, but because the filtering runs on Relay Device 63, unnecessary relaying occurs on Relay Devices 65 and 66.
In this manner, when filtering is configured on individual devices, excess relay traffic occurs. Filtering information could instead be configured for the entire network rather than for individual devices (in the example above, the filtering settings would be applied to all of Relay Devices 61 to 66 in order to filter access to Server 80 from Computer Terminals 73, 75, and 76), so that no excess load occurs; but in that case, reconfiguration would be very tedious whenever the filtering settings change. Also, with regard to the filtering content, traffic that should not be filtered would be filtered once other devices have that filtering configured, which poses a risk of setup errors in addition to making the process impractical.
In other words, in FIG. 23, if filtering is configured on Relay Device 63 to filter access to Server 80 from Computer Terminals 73, 75, and 76, and the same filtering settings as on Relay Device 63 are applied to all of Relay Devices 61 to 66 to improve network efficiency, access to Server 80 from Computer Terminals 71, 72, and 74 would also be filtered, resulting in an error in which the intended filtering settings are not properly reflected.
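To make the excess-relay problem of FIG. 23 concrete, here is an added Python model (not part of the patent) that builds the topology from the description above, traces each terminal's frames to Server 80 through the relay devices, and counts the relay hops spent on frames that Relay Device 63 discards anyway. The node names (R63, T75, Server80), the breadth-first shortest-path routing, and the ingress_placement helper, which puts each rule on the first relay device along the denied terminal's path for comparison, are assumptions introduced for this example.

```python
from collections import deque
# Constructed model of FIG. 23 (bidirectional links): R relay, S subnet, T terminal.
LINKS = [("S51", "Server80"), ("S51", "T71"), ("S51", "R61"), ("R61", "R62"),
         ("R61", "R63"), ("R62", "R63"), ("R62", "R64"), ("R62", "S52"),
         ("S52", "T72"), ("R63", "R65"), ("R63", "S53"), ("S53", "T73"),
         ("R64", "S54"), ("S54", "T74"), ("R65", "R66"), ("R65", "S55"),
         ("S55", "T75"), ("R66", "S56"), ("S56", "T76")]
GRAPH = {}
for a, b in LINKS:
    GRAPH.setdefault(a, set()).add(b)
    GRAPH.setdefault(b, set()).add(a)
DENY = {("T73", "Server80"), ("T75", "Server80"), ("T76", "Server80")}  # (src, dst)
FILTER_AT_63 = {"R63": set(DENY)}  # the FIG. 23 setup: all rules on R63 only

def shortest_path(graph, src, dst):
    """Breadth-first search; returns the node list from src to dst."""
    prev, queue = {src: None}, deque([src])
    while queue and dst not in prev:
        node = queue.popleft()
        for nxt in sorted(graph[node]):  # sorted for a deterministic path
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1]

def relay_trace(graph, src, dst, filters):
    """Relays traversed until drop/delivery; filters: relay -> {(src, dst)}."""
    traversed = []
    for node in shortest_path(graph, src, dst):
        if node.startswith("R"):
            traversed.append(node)
            if (src, dst) in filters.get(node, set()):
                return traversed, "dropped"
    return traversed, "delivered"

def wasted_relays(graph, deny, filters):
    """Relay hops spent on frames that a later device discards anyway."""
    traces = [relay_trace(graph, s, d, filters) for s, d in deny]
    return sum(len(t) - 1 for t, verdict in traces if verdict == "dropped")

def ingress_placement(graph, deny):
    """Put each rule on the first relay along the denied source's path."""
    filters = {}
    for s, d in deny:
        first = next(n for n in shortest_path(graph, s, d) if n.startswith("R"))
        filters.setdefault(first, set()).add((s, d))
    return filters
```

With every rule on R63, frames from T76 are carried by R66 and R65 before R63 drops them (three wasted relay hops in total over the three denied terminals), while permitted terminals such as T71, T72 and T74 are still delivered; placing each rule at the ingress relay brings the wasted count to zero without touching permitted traffic.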
Meanwhile, on servers to date, filtering is applied through access restrictions configured by a server application, but there has been the problem that a concentrated access attack could not be prevented regardless of such access restrictions.
In particular, configuring access restrictions on the server alone is useless against unauthorized access such as a Denial of Service attack (DoS (Denial of Service) attack: a malicious user submits a large number of connection requests to the server, depleting server resources so that connection service is stopped for legitimate users); even if a firewall blocks a device, the access concentrated on that server consumes server resources while it is being processed, halting all other communication.
Also, the aforementioned current technology (Japanese Unexamined Patent Application Publication H11-27270) does not attempt to lighten the load caused by relaying frames, and imposes network load because it uses a broadcast packet sent out by the management device in order to recognize all computer terminals. Furthermore, that technology's filtering tables are structured simply as combinations of addresses and destination ports, so filtering control using an advanced protocol that exchanges several commands between devices cannot be performed.